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DETAILED ACTION 

1 . Claims 1-13,16,1 7, 20-22, 24-31 , and 33-42 are pending and have been 
examined. 

Response to Arguments 

2. Applicant's arguments filed 3-23-09 have been fully considered but they are not 
persuasive. 

The applicant argues in traverse of the rejections of the claims under 35 USC 
102, as anticipated by Rothermal US 6,678,827, by asserting that Rothermal fails to 
teach the features found in the independent claims of expanding at least one template 
at a central location and subsequently providing the expanded information to a plurality 
of computing devices. The applicant maintains that the cited portions of Rothermal 
merely teach provision of a template to a computing device and subsequently 
expanding the template at the device. The Examiner counters that, while Rothermal 
does indeed teach such local expansion where a network security device (henceforth 
NSD) receives a template and then expands it by the addition of NSD specific 
information, the Rothermal patent also teaches expansion of a template at a central 
location with later distribution of the expanded information to a plurality of computing 
devices. For example, in col. 10 line 8 through col. 11 line 17 Rothermal teaches the 
use of a graphical user interface by an administrator to establish a security policy (e.g. 
Alias lists) in a template with subsequent distribution of the template to a plurality of 
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computing devices (NSD's). Such establishment of security policies for a network in a 
template does read on the applicant's claim limitation of "expansion" of a template. 

The applicant argues that the Rothermal patent fails to teach a "communications 
gateway" as recited in claim 8. The Examiner counters that the manager device, taught 
for example in col. 10 lines 12-15 of Rothermal, reads on the applicant's communication 
gateway. The administrator does indeed perform the functions recited in claim 8 as per 
the discussion found supra. 

The Applicant argues that Rothermal fails to teach the feature of claims 3 and 9 
wherein the structure of said plurality of templates includes conditional statements in the 
template. Yet such is found at for example, col. 10 lines 25-35 and figure 3B, where 
conditional statements in the form of filter rules are taught as being included in a 
template. Figure 8 shows how these rules are evaluated as conditional statements. 

The Applicant argues in traverse of the rejections of claims 4-6, 10-12, 27 and 33 
in omnibus fashion by stating that Rothermal fails to teach the features of template 
categories that reflect policies applicable to all of a plurality, a subset of a plurality, or a 
particular type of the plurality of devices. The Examiner finds that Rothermal teaches 
these features at for example, col. 6 lines 20-33, where templates are taught as being 
customized for particular types of network security devices. 

The Applicant argues that Rothermal fails to teach the feature of claims 17, 21 
and 26 where a communications gateway expands a template to include information 
contained in a conditional statement only if the computing device to which said 
expanded information is to be provided meets the condition. The Examiner maintains 
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that such is indeed taught by Rothermal at for example, col. 11 lines 5-1 0, where filter 
rules are taught as being created only for devices having particular identities. 

The Applicant argues that Rothermal fails to teach the claimed features found in 
claim 25 where all of the users on the list perform a specified role relative to said 
computer devices. The Examiner finds that such is taught by Rothermal at for example, 
col. 1 1 lines 5-10, where users perform roles specified in a templates security policy by 
reference to Accounting, Marketing, and etc. In col. 11 lines 25-45 Rothermal also 
defines the characteristics that a user of a device must meet in terms of identification, 
contact information, authorization information, and etc. 

The Applicant argues that the rejections of claims 28-30 and 34-36 are improper 
because the claims were rejected as reciting substantially the same limitations as 
claims 4-6 and 10-12. However, the Examiner finds that claims 4-6 and 10-12 are 
worded such that the security policies are in some cases applicable to all, or to only a 
subset of set of a plurality of devices, and that this is synonymous to the claim language 
of claims 28-30 and 34-36 where a template in a second category inherits policies 
contained in a first category and where such inheritance can be selectively disabled. 

Claim Rejections - 35 USC §102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
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applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

4. Claims 1 -1 3, 1 6, 1 7, 20-22, 24-31 , 33-36, 39, and 41 are rejected under 35 
U.S.C. 102(e) as being anticipated by Rothermel et al., US 6,678,827. 

As for claim 1 , Rothermel teaches a method for automatically provisioning a 
plurality of computing devices in accordance with established policies (col. 4 lines 20- 
67), the method comprising the steps of: creating a plurality of templates reflecting said 
policies (col. 4 lines 20-67), expanding at least one template at a central location to 
create a document comprising expanded information (col. 4 lines 20-67), and sending 
from the central location the expanded document comprising the expanded information 
to said plurality of computing devices (col.4 line 49 thru col. 5 line 13), 

As for claim 2, Rothermel teaches interpreting the expanded information by 
agents which are respectively resident on each of said plurality of computing devices 
(col.5 lines 32-35). 

As for claims 3 and 9, Rothermel teaches the structure of said plurality of 
templates includes conditional statements that determine whether a template is to be 
expanded with predetermined information on the basis of the computing device to which 
the expanded information is being provided (col. 10 lines 25-35, fig. 3B, fig. 8). 
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As for claims 4 and 10, Rothermel teaches the plurality of templates includes a 
first category of templates that reflect policies applicable to all of the plurality of 
computing devices (col. 6 lines 20-32). 

As for claims 5 and 1 1 , Rothermel teaches at the plurality of templates includes a 
second category of templates that reflect policies applicable to only a subset of the 
plurality of computing devices (col. 6 lines 20-32). 

As for claims 6 and 12, Rothermel teaches the plurality of templates includes 
another category of templates that reflect policies only applicable to a particular type of 
the plurality of computing devices (col. 6 lines 20-32). 

As for claims 7 and 13, Rothermel teaches the method of claim 1, wherein said 
policies are security polices regarding user access to each of the plurality of computing 
devices, (col. 11 lines 1-45) 

As for claim 8, Rothermel teaches a system for automatically provisioning a 
plurality of computing devices in accordance with established policies, the system 
comprising: a database system which stores a plurality of templates which reflect said 
polices (col. 6 lines 56-60), a plurality of agents which are respectively resident on each 
of said plurality of computing devices (col. 5 lines 30-40), and which communicate with 
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said database system to obtain information with regard to provisioning and 
maintenance of the respective computing devices (col. 5 lines 30-40), and a 
communications gateway through which communication messages are exchanged 
between said agents and said database system (col. 5 lines 1-12: Supervisor devices), 
wherein said communications gateway is configured to: retrieve the individual ones of 
the plurality of templates, expand the plurality of retrieved templates to create 
respective documents containing combined template information and expanded 
information, and provided the documents containing the combined template information 
and expanded information to said plurality of agents (col.4 lines 49 thru 67), 

As for claims 39 and 41 , Rothermal teaches the feature wherein at least one 
template includes a reference to information external to the template, and wherein said 
communication gateway expands the template by creating a document that includes 
information contained in the template and said external information, (fig. 3B items 30, 
311, 316). 

As for claim 16, Rothermel teaches a system wherein said external information 
comprises a list of users (col. 1 1 lines 18-30). 

As for claim 17, Rothermel teaches the system of claim 9 wherein said 
communications gateway expands a template to include information contained in a 
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conditional statement only if the computing device to which said expanded information 
is to be provided meets the condition (col. 1 1 lines 35-40). 

As for claim 20, Rothermel teaches a method, wherein said external information 
comprises a list of users (col. 1 1 lines 18-30). 

As for claim 21 , Rothermel teaches the method of claim 3, wherein said 
expanding step includes the step of including information contained in a conditional 
statement only if the computing device to which said expanded information is to be 
provided meets the condition (col. 11 lines 18-30). 

As for claim 25, Rothermal teaches the method of claim 24 wherein all of the 
users on said list perform a specified role relative to said computing devices (col. 1 1 
lines 20-45). 

As for claims 22, 24, 26-31 , and 33-36, the claims are directed to the same 
method as found in claims 1-14, 16-18, 20 and 21 in slightly reworded form. Therefore 
these claims are rejected on the same basis as are claims 1-14, 16-18, 20 and 21. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 37, 38, 40, and 42 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Rothermel et al., US 6,678,827, and Teng et al., US 7,380,008. 

Rothermal fails to teach the feature wherein the document is an XML document. 
However, Teng does teach such an XML document where an XML template is 
expanded at a central location by a server and where the document includes 
references to information external to the template (fig. 39, col. 47 line 28 through col. 
49 line 34). Therefore it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to incorporate this feature into the system of 
Rothermal. It would have been obvious to do so since this would allow for the use of 
XML documents compatible with common platforms such as JAVA and allow greater 
portability of the system. 

Conclusion 

7. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paul E. Callahan whose telephone number is (571) 272- 
3869. The examiner can normally be reached on M-F from 9 to 5. 

If attempts to reach the examiner by telephone are unsuccessful, the Examiner's 
supervisor, Emmanuel Moise, can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is: (571) 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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